The cybersecurity firm Malwarebytes said that the leaked dataset includes user names, full names, email addresses, phone numbers, partial physical addresses, and other contact information, according to the Daily Mail on Saturday. While no passwords were included, experts warn that the compromised data can still be used for identity theft or financial fraud. The breach was first traced to a 2024 vulnerability in Instagram's API, according to cybersecurity publication CyberInsider.